Manualshelf

LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
41424344454647484950
2.9.4.1 Setting ACI for an Admin Proxy User
With Netscape Directory Server 6.11 and 6.21, you can use the Netscape Console or ldapmodify
to set up ACI, which gives an Admin Proxy user permissions to manage host and user keys in
the LDAP directory.
An Example
The following ACI gives the permissions for the Admin Proxy user uid=keyadmin to read,
write, and compare nissecretkey and nispublickey attributes for hosts and users:
dn:dc=org,dc=hp,dc=com
aci:(targetattr ="objectclass||nispublickey||nissecretkey")
(version 3.0;acl "Allow keyadmin to change key pairs"; allow
(read,write,compare) userdn="ldap:///uid=keyadmin,ou=people,dc=org,dc=hp,dc=com";)
48 Installing And Configuring LDAP-UX Client Services